RSVP'ing on meetup.com will not guarantee entry to the event. This is a limited capacity event. If you would like to guarantee the availability of a seat please reserve a ticket with Eventbrite @ [https://owasp-feb-mini-con.eventbrite.com Reserve a Ticket]

+

Please join us for another OWASP Houston workshop. This will be a hands on exercise in security topics.

<br>

<br>

−

The OWASP Houston February Mini-Con takes place at the Imperial Suite, located on the 24th floor of the Westin Galleria. Mark the date Thursday, February 21st at 6PM to join us for the first OWASP Houston conference-style event of 2013.

+

[http://www.meetup.com/OWASP-Houston/events/128411572/ Details]

<br>

<br>

−

The feature presentation will be delivered by Jason Chan, Cloud Security Architect from Netflix. Jason will be joining us to discuss Netflix approach to application security testing.

Join us for an OWASP Houston Workshop. During this workshop, attendees will be lead through the process of discovering and reporting vulnerabilities. We will start by reviewing source code for common vulnerabilities. Once we identify interesting code, we will test the application to confirm our findings. Finally, we will discuss reporting. If you would like to participate please bring your laptop. You should prepare a virtual machine with Linux, Apache, Mysql, and PHP. We will have members helping with virtual machine configurations and assistance. If you just want to watch, that's fine too. We look forward to your attendance.

Please join us for our May Mini-Con, 6PM May 16th, at the Sheraton Suites, 2400 W. Loop South, Houston, Texas 77027. We're trying a new location this time. This is a free event, but space is limited. We will be providing food and beverage. Please register for a ticket to confirm your space at the event. If tickets are unavailable, we will have some standing room.

In this talk based loosely around the Karate kid movies, Kevin John (CEO of Secure Ideas) will walk through some techniques to improve your web penetration testing techniques. Stop being the kid moved from NJ and dropped into a cruddy apartment. Learn the wax on/off of testing modern web applications.

+

<br>

+

Kevin has performed a large number of trainings, briefings, and presentations for both public events and internal trainings. Kevin teaches for the SANS Institute on a number of subjects. He is the author of three classes- SEC542: Web Application Penetration Testing and Ethical Hacking, SEC642: Advanced Web Application Penetration Testing, and SEC571: Mobile Device Security. Kevin has presented at a large number of conventions, meetings, and industry events. Some examples of these are: DerbyCon, ShmooCon, DEFCON, Blackhat, ISACA, Infragard, and ISSA.

+

<br>

+

WTF, WAF Testing Framework by Terry Ray

+

<br>

+

Terry Ray will be presenting an approach to evaluating web application firewall capabilities that is suitable to the real world use case. The methodology touches on issues like False Positive / False Negative rates, evasion techniques and white listing / black listing balance. He will demonstrate a tool that can be used by organizations to implement the methodology either when choosing an application protection solution or after deployment.

+

<br>

+

When and Where?

+

<br>

+

Thursday, May 16th from 6PM-9PM

+

<br>

+

Sheraton Suites

+

<br>

+

2400 W. Loop South

+

<br>

+

Houston, Texas 77027

+

<br>

+

For Directions: (713) 586-2444

+

<br>

+

Seating is limited, so please read these directions carefully:

+

RSVP'ing on meetup.com will not guarantee entry to the event. This is a limited capacity event. If you would like to guarantee the availability of a seat please reserve a ticket with Eventbrite @ [https://owasp-houston-may-mini-con.eventbrite.com Reserve a Ticket]

Revision as of 15:23, 26 July 2013

OWASP Houston

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Upcoming Events

We post new event details to keep you informed. Our events are open to everyone.
Formal events such as conferences are limited and require RSVP. Expect quarterly 2013 Mini-Cons in February, May, August, and November. Quarterly Mini-Cons are formal with a minimum of 2 speaking engagements by highly regarded individuals.
The Monthly Meetings are less formal and focus on networking, mingling, ideas, and enjoying the overall atmosphere. Food, refreshments, and beverages are provided.
Additionally, Monthly Meetings will have a short 15-20 minute agenda involving a speech, panel, or workshop. There is always the ever popular lock picking station at each event as well.

RSVP

OWASP Houston February Mini-Con

Thursday, February 21, 2013 at 6PM CST

Please join us for our May Mini-Con, 6PM May 16th, at the Sheraton Suites, 2400 W. Loop South, Houston, Texas 77027. We're trying a new location this time. This is a free event, but space is limited. We will be providing food and beverage. Please register for a ticket to confirm your space at the event. If tickets are unavailable, we will have some standing room.
We are pleased to annnounce the speakers and topics of the evening...
Catching Flies with Mr Miyagi: Web Application Testing Techniques by Kevin Johnson
In this talk based loosely around the Karate kid movies, Kevin John (CEO of Secure Ideas) will walk through some techniques to improve your web penetration testing techniques. Stop being the kid moved from NJ and dropped into a cruddy apartment. Learn the wax on/off of testing modern web applications.
Kevin has performed a large number of trainings, briefings, and presentations for both public events and internal trainings. Kevin teaches for the SANS Institute on a number of subjects. He is the author of three classes- SEC542: Web Application Penetration Testing and Ethical Hacking, SEC642: Advanced Web Application Penetration Testing, and SEC571: Mobile Device Security. Kevin has presented at a large number of conventions, meetings, and industry events. Some examples of these are: DerbyCon, ShmooCon, DEFCON, Blackhat, ISACA, Infragard, and ISSA.
WTF, WAF Testing Framework by Terry Ray
Terry Ray will be presenting an approach to evaluating web application firewall capabilities that is suitable to the real world use case. The methodology touches on issues like False Positive / False Negative rates, evasion techniques and white listing / black listing balance. He will demonstrate a tool that can be used by organizations to implement the methodology either when choosing an application protection solution or after deployment.
When and Where?
Thursday, May 16th from 6PM-9PM
Sheraton Suites
2400 W. Loop South
Houston, Texas 77027
For Directions: (713) 586-2444
Seating is limited, so please read these directions carefully:
RSVP'ing on meetup.com will not guarantee entry to the event. This is a limited capacity event. If you would like to guarantee the availability of a seat please reserve a ticket with Eventbrite @ Reserve a Ticket

OWASP Houston January Workshop

Thursday, January 31st at 6PM

Sponsored by: Imperva and AlertLogic
Join us for an OWASP Houston Workshop. During this workshop, attendees will be lead through the process of discovering and reporting vulnerabilities. We will start by reviewing source code for common vulnerabilities. Once we identify interesting code, we will test the application to confirm our findings. Finally, we will discuss reporting. If you would like to participate please bring your laptop. You should prepare a virtual machine with Linux, Apache, Mysql, and PHP. We will have members helping with virtual machine configurations and assistance. If you just want to watch, that's fine too. We look forward to your attendance.
Sponsored by: Imperva, Alert Logic
When: January 31st 2013 (Thursday 6PM - 8PM)
Where: Stag's Head Pub (Private Room) - 2128 Portsmouth Street Houston, TX 77098
Phone: (713) 533-1199

OWASP Houston Kick-Off Meeting (Nov. 19th)

We'll be reviewing survey results and trying to finalize some details like when and where to hold our meetings. If you want to get involved with OWASP Houston now is the time.
Sponsored by: Imperva, Alert Logic
When: November 19th 2012 (Monday 6PM - 8PM)
Where: Stag's Head Pub (Private Room) - 2128 Portsmouth Street Houston, TX 77098
Phone: (713) 533-1199

Sponsorship Opportunities

We're always looking for sponsors to help us provide the highest quality experience for our attendees. For sponsoring OWASP Houston we will list your name on our site, mention your sponsorship in all announcements on the mailing list, send us a banner and we'll hang it at the event, and send you some pictures. If you'd like to send someone to attend the event we will make room for a table. We encourage sponsors to have raffles to try and capture leads. Rather than sponsoring just one event consider sponsoring a few from the 2013 series.

Opportunity #0 - Workshops

We will have four workshops in 2013. These will be meetings dedicated to hands on education. This could be related to programming a vulnerability scanner, auditing source code, exploiting a vulnerability, or mini-ctf. Your sponsorship of this event includes appetizers and beverages for the attendees. Due to popularity, sponsoring a workshop is a $500 dollar commitment. For $2,000 dollars you can sponsor every workshop of 2013.

Opportunity #1 - Happy Hour Meeting

We will have three happy hour meetings in 2013. These will be social meetings where attendees build a local security community. We estimating the need for $500 in food and drink per meeting. By giving sponsors drink tickets to hand to attendees, we ensure that our sponsors are able to interact with everyone looking for another drink. Feel free to pass out business cards and network just like you would anywhere else. We will have three of these types of meetings in 2013 so you can sponsor all of them for just $1,500. On months where we have a formal meeting we will not hold an informal meetup.

Opportunity #2 - Formal Presentation Meeting

At our quarterly meetings we will be hosting two quality presenters. Generally we try to pull one presenter from out of state. Your sponsorship of this event includes food and beverages for the attendees. We are seeking $700 per sponsor to cover our expenses. Consider supporting the Houston OWASP community by sponsoring all of our quarterly meetings for $2,800.

Opportunity #3 - OWASP Presenter Sponsorship

Although OWASP is a non-profit organization, we strive to provide our members with the best presenters possible. In exchange for covering travel expenses for these presenters, our chapter will provide you with five minutes at the start of the meeting to introduce yourself and tell us about the products or services that your company offers. This benefit is in addition to special mention for sponsoring the travel. The speakers traveling expenses may vary but with a $1,200 donation we think we can handle the rest.

Opporutnity #4 - Meeting Space

We currently need funds to secure a stable meeting space for our quarterly presentations and workshops.

Opportunity #5 - Lock Pick Table

We are coordinating a lock picking table at every event. To help us get some new locks and create some mock door setups. For $1,000 bucks you can sponsor the table for a whole year. This opportunity is limited to one company. We'll credit you for it in all promotions, list you as a sponsor on the website. The whole deal.

Call for Papers

Local News

Worthwhile information.

November 5th 2012

Houston OWASP Chapter has been activated. Please join us in making this a successful security meetup. First meeting to finalize details around 2013 series of meeting has been scheduled for November 19th, 2012. Please fill out the quick five question survey if you have not.